From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bug-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp0.migadu.com ([2001:41d0:403:58f0::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms13.migadu.com with LMTPS
	id cKoYLGP5I2feDAAAqHPOHw:P1
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Thu, 31 Oct 2024 21:40:51 +0000
Received: from aspmx1.migadu.com ([2001:41d0:403:58f0::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp0.migadu.com with LMTPS
	id cKoYLGP5I2feDAAAqHPOHw
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Thu, 31 Oct 2024 22:40:51 +0100
X-Envelope-To: larch@yhetil.org
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=debbugs.gnu.org header.s=debbugs-gnu-org header.b=Tj0wbXow;
	dkim=fail ("headers rsa verify failed") header.d=aqwari.net header.s=fm3 header.b=e7THPXAb;
	dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm3 header.b="R vo0K77";
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org";
	dmarc=none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1730410851;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:resent-cc:
	 resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to:
	 references:references:list-id:list-help:list-unsubscribe:
	 list-subscribe:list-post:dkim-signature;
	bh=wZH/5Q/qH3+HLmA/LHFjRFnST5pZkBf9ON9BH7zbj5w=;
	b=li5CRCMrFUOtsbF6DfsogGxSYcWFUyk96eGgl+ivGcWPi5D40bchZ8kjQq2POuxiQWHfew
	Q84/levhhaqRNP16XJxzhCikBOr74JN+kVMBzZnH/VfBESTXFmnQbWH01+kJEffkRXA4vW
	nOPNQg2MzzwVKzMVhZxUSyR4aXfg/UIm3gdSXWIL/TQ9P9dnUugOWpB2sGbx4C7CUdQ0rf
	3Tgsr5ITySBDFt7f6wYKrf2LnKhAoc/jZlRCFfxjp8zGg1/7eR2WBgiv0Tf79iIymHjRvF
	XkEuwcUCxb1Ek0wd6M4DciDFqdEGS+aXM5Gm7PfIGOiGntseNJmI/AjPecEURg==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=debbugs.gnu.org header.s=debbugs-gnu-org header.b=Tj0wbXow;
	dkim=fail ("headers rsa verify failed") header.d=aqwari.net header.s=fm3 header.b=e7THPXAb;
	dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm3 header.b="R vo0K77";
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org";
	dmarc=none
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1730410851; a=rsa-sha256; cv=none;
	b=NYNd1H34SWEDN3EqiVf/TtAB5zWzBRQaoxu5Xir2mppstaMeUdylmdtHFqeU3FgH1+EpFq
	ecbuTCU1e1q1gDnFEa8fBSVcgLp2B2y8z8s9bWikKFpt8L1uaMmhhRTERNdLNWB2z/MtTI
	3e6e032+QHwrSARfi3w+7LcEf3cDymNTk+xmwksbGhhu9cYOiQUP+gH8L4hqef/djuFEw7
	d6/ogY897PDJvuObtOEJlhT4lUtdPguOZKQDCvZavtR2rDJ1WC+LNYbxs5Y7IFqwXD4wGL
	9+BNlHZtocOGB0Zp2hiwJUhrXbORF2yEiWbXeAhiTJXrOt3v79osh1vypYp38Q==
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 487AF835AF
	for <larch@yhetil.org>; Thu, 31 Oct 2024 22:40:50 +0100 (CET)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-guix-bounces@gnu.org>)
	id 1t6cth-000091-P0; Thu, 31 Oct 2024 17:40:05 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1t6ctf-00008d-Cz
 for bug-guix@gnu.org; Thu, 31 Oct 2024 17:40:03 -0400
Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1t6cte-0000mp-Oz
 for bug-guix@gnu.org; Thu, 31 Oct 2024 17:40:03 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=debbugs.gnu.org; s=debbugs-gnu-org; 
 h=References:In-Reply-To:From:Date:MIME-Version:To:Subject;
 bh=wZH/5Q/qH3+HLmA/LHFjRFnST5pZkBf9ON9BH7zbj5w=; 
 b=Tj0wbXowT/xsobSYbM/9P2fYRqkpnVlRjzxIykt9255f4pH/PdAsGuHKuOtjET1HPJKolPVXb0TA2MWHCTc2jGOgAZUCPe7qnKUlohNl7tDmulPsvmSvj3Ljly0hE01HtVzEx9ShCEQmcelT7WyD+y4kAj9RFgTK/+KyU0NtFWPp+UqZ4sTsdsDQWxhLU25H74Ii7JQfeMuW0Lg/D0QdFBhjkiMeeGND4vwjDOrvSh7bwMWxFQBxUSKAL5/O7KrHUZxwjLPR+Hs658fUCyqOeygRQerVwQK/amToIUDzY1E7tQtKwuhIexh0y5RmaZbLr13gIMZo1oAupzw4OK336Q==;
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1t6cte-0001tK-IB
 for bug-guix@gnu.org; Thu, 31 Oct 2024 17:40:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: bug#65769: greetd-wlgreet-sway-session result is blinking cursor
Resent-From: "David Arroyo" <david@aqwari.net>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Thu, 31 Oct 2024 21:40:02 +0000
Resent-Message-ID: <handler.65769.B65769.17304107737213@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 65769
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: "Josselin Poiret" <dev@jpoiret.xyz>, chris <chris@bumblehead.com>,
 "(" <paren@disroot.org>
Cc: 65769@debbugs.gnu.org
Received: via spool by 65769-submit@debbugs.gnu.org id=B65769.17304107737213
 (code B ref 65769); Thu, 31 Oct 2024 21:40:02 +0000
Received: (at 65769) by debbugs.gnu.org; 31 Oct 2024 21:39:33 +0000
Received: from localhost ([127.0.0.1]:44473 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1t6ctA-0001sA-J7
 for submit@debbugs.gnu.org; Thu, 31 Oct 2024 17:39:33 -0400
Received: from fhigh-a8-smtp.messagingengine.com ([103.168.172.159]:56201)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <david@aqwari.net>) id 1t6cE2-0008Tt-Ms
 for 65769@debbugs.gnu.org; Thu, 31 Oct 2024 16:57:04 -0400
Received: from phl-compute-01.internal (phl-compute-01.phl.internal
 [10.202.2.41])
 by mailfhigh.phl.internal (Postfix) with ESMTP id C2003114015C;
 Thu, 31 Oct 2024 16:56:56 -0400 (EDT)
Received: from phl-imap-08 ([10.202.2.84])
 by phl-compute-01.internal (MEProxy); Thu, 31 Oct 2024 16:56:56 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aqwari.net; h=cc
 :cc:content-transfer-encoding:content-type:content-type:date
 :date:from:from:in-reply-to:in-reply-to:message-id:mime-version
 :references:reply-to:subject:subject:to:to; s=fm3; t=1730408216;
 x=1730494616; bh=wZH/5Q/qH3+HLmA/LHFjRFnST5pZkBf9ON9BH7zbj5w=; b=
 e7THPXAbNBVVlGxcdHONVQQzXS2FdfT+5elxeIGoP32czxFGrIWhhRgGhi0cD2Yu
 4o0ALT7wsdWrmnV/kDcx0J6UZYFGL7sftzHwozF9yQ57rq2kGf0BRUKKSsuE8Syh
 LDCZvdzOsxsw3bMR2Y9pescXbw2v8h1kVlSOI9AIhTeDlNSjlSiOpgQ00DM/kkMA
 QcnyV7hE2/X70oy6s+S4n6appJu/chg0Qr8rTexTY6QQphn+0eoeI5/gTV8uBEKJ
 tVheR7uLHMd5me6FkiC6u4PM/Ljt2iVT+MvctFdhhgZQ6D4uYnxHGDmlbBjuln5A
 3nk/20ICEwmCuAoYrp87tg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:cc:content-transfer-encoding
 :content-type:content-type:date:date:feedback-id:feedback-id
 :from:from:in-reply-to:in-reply-to:message-id:mime-version
 :references:reply-to:subject:subject:to:to:x-me-proxy
 :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1730408216; x=
 1730494616; bh=wZH/5Q/qH3+HLmA/LHFjRFnST5pZkBf9ON9BH7zbj5w=; b=R
 vo0K77LUUHuKtK8O/EFYCi8S18K2KlnxaorpicS9n2xUrWa9gu7xozK+3QKb3Ro2
 +H4wMweu1AUVWyaDPfZdI3FRF4Les4hlj5UzGHFPjpvGVNo+RUAVcNmWcnMQ3WFh
 CcBgxFNpp3tAbURUHAFuvmNGeZuaqQ7fkNpNU7uUDFNmjjYpbdzjGmVB3qZfCuYH
 AqOiznxG2xu3K+J/L3SJXm+zeyR0nCUCJ5m6MFc4RP5kwvmjCokQQkbCfroCRnke
 K32PaS6TwOsxX6BB2dKfRm7oA9+yZdrQMLfeLwPo+splu+FPfJUwyvmfkn6NO3XZ
 psLXhab0Bn0zrMMjWn1uw==
X-ME-Sender: <xms:GO8jZ4W0gwCPrM6XihDGZIyinOIWf55JT27LUps2W49TrsgST7yMgw>
 <xme:GO8jZ8l21ZQDtpGRHTgP4RUdKANP_AX2NleiKkgbx-I2BzpAIgLWdaLhsCh2FYcC2
 QpsMkx6atIcuzPy_g>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdekjedggeekucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu
 rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefoggffhf
 fvvefkjghfufgtgfesthejredtredttdenucfhrhhomhepfdffrghvihguucetrhhrohih
 ohdfuceouggrvhhiugesrghqfigrrhhirdhnvghtqeenucggtffrrghtthgvrhhnpefftd
 dvieeiteefgeffjeeltdehvdeutdfhteetteelfefgtdetfedutdeiieekjeenucffohhm
 rghinhepshhrrdhhthdpihhnuggvgidrmhgupdhgnhhurdhorhhgnecuvehluhhsthgvrh
 fuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepuggrvhhiugesrghqfigrrhhi
 rdhnvghtpdhnsggprhgtphhtthhopeegpdhmohguvgepshhmthhpohhuthdprhgtphhtth
 hopegthhhrihhssegsuhhmsghlvghhvggrugdrtghomhdprhgtphhtthhopeeiheejieel
 seguvggssghughhsrdhgnhhurdhorhhgpdhrtghpthhtohepphgrrhgvnhesughishhroh
 hothdrohhrghdprhgtphhtthhopeguvghvsehjphhoihhrvghtrdighiii
X-ME-Proxy: <xmx:GO8jZ8aBSO48ulCLg3JJvsvPj-j2MEY_vrwgEgVniSOMMQUxP5ozUw>
 <xmx:GO8jZ3WR4jS0NU9AtiORdKf2jUFaewlMHz-llvX2S4O3lH7F_jP7rA>
 <xmx:GO8jZynRRt1nre-SFmKZuc8wwZAGupHliLxfVop32sHMPtf2RJ9RGg>
 <xmx:GO8jZ8eAxLclrvEFOFoBsh9PEVSQ0pPek1D_N_SGA0zgxwJ4slqTXw>
 <xmx:GO8jZ0iYu9d6H3lW8Lvr6PBdBwGqDvBSVzQygyN5-2mb6YslEVs3H9uM>
Feedback-ID: i83f147ed:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501)
 id 124A218A0068; Thu, 31 Oct 2024 16:56:56 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
MIME-Version: 1.0
Date: Thu, 31 Oct 2024 21:56:19 +0100
From: "David Arroyo" <david@aqwari.net>
Message-Id: <d4962d15-d4a4-49d3-8a27-d5e8c5b2183b@app.fastmail.com>
In-Reply-To: <871qf7vbx4.fsf@jpoiret.xyz>
References: <ZPfsKrd1Xsm_gHL4@guix-xps> <87h6o4lnxz.fsf@disroot.org>
 <ZPs-YA0Hy7ebG4Pg@guix-xps> <87cyysllhs.fsf@disroot.org>
 <ZPtFZZ6EzApJx9-T@guix-xps> <871qf7vbx4.fsf@jpoiret.xyz>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Thu, 31 Oct 2024 17:39:28 -0400
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-guix@gnu.org
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org
Sender: bug-guix-bounces+larch=yhetil.org@gnu.org
X-Migadu-Country: US
X-Migadu-Flow: FLOW_IN
X-Migadu-Scanner: mx11.migadu.com
X-Migadu-Spam-Score: -1.58
X-Spam-Score: -1.58
X-Migadu-Queue-Id: 487AF835AF
X-TUID: IKbK44V7jv8T

On Sat, Sep 9, 2023, at 11:11, Josselin Poiret via Bug reports for GNU Guix wrote:
> I'd still like feedback from actual users of wlgreet, as I have not used
> it myself.  I do believe the only way it could work is because something
> takes care of creating the runtime directory.

This is my conclusion as well. I ran into this issue today when trying to
setup a minimal install with sway. I had to switch from seatd to elogind.
Here's my working config:

https://paste.sr.ht/~droyo/6cd5f6c1cb12220d10dbcbe0f92f317dfdc88aee

Here's my understanding of the issue;

* greetd runs as root, but when the user switches to a vt, it forks a
  child process to run the default_session command (agreety, wlgreet,
  etc).  This process runs as the `(default-session-user config)`
  (default "greeter".

* sway requires XDG_RUNTIME_DIR to exist, but there is nothing creating
   XDG_RUNTIME_DIR on behalf of "greeter", so it repeatedly crashes
   until herd disables the `term-ttyX` service corresponding to the
   wlgreet terminal.

* When using elogind, this is taken care of for "greeter" by the
   pam_elogind pam module, which is added to all pam configs, including
   greetd's, by the `elogin-service-type` service. On other distros,
   pam_systemd performs the same task.

This issue is summarized by the author of seatd here:

https://git.sr.ht/~kennylevinsen/seatd-docs/tree/master/item/index.md#xdg_runtime_dir-not-set

The solution prescribed is to create the rundir from a script on startup
or with a pam module. I was curious why the existing `pam_mount(5)`
module in greetd's existing PAM configuration did not handle creation
for the "greeter" user as well. The pam_mount configuration linked to
/etc/security/greetd_pam_mount.conf.xml does not discriminate against
this user.

I set `debug=1` in /etc/security/greetd_pam_mount.conf.xml and restarted
the system. Here's the `pam_mount` logs for the "greeter" user's session:

	greetd: (pam_mount.c:568): pam_mount 2.18: entering session stage
	greetd: (pam_mount.c:629): no volumes to mount
	greetd: command: '/gnu/store/18wjrghh95hy8l4nmr22lpsjgjpdqbax-greetd-pam-mount-2.18/sbin/pmvarrun' '-u' 'greeter' '-o' '1'
	greetd: (pam_mount.c:441): pmvarrun says login count is 2
	greetd: (pam_mount.c:660): done opening session (ret=0)
	greetd: (pam_mount.c:706): received order to close things
	greetd: (pam_mount.c:709): No volumes to umount

And for my session (after logging into a separate vt running agreety):

	greetd: (pam_mount.c:568): pam_mount 2.18: entering session stage
	greetd: (mount.c:781): Could not get realpath of /run/user/1000: No such file or directory
	greetd: (mount.c:251): Mount info: globalconf, user=droyo <volume fstype="tmpfs" server="(null)" path="none" mountpoint="/run/user/1000" cipher="(null)" fskeypath="(null)" fskeycipher="(null)" fskeyhash="(null)" options="noexec,nosuid,nodev,size=1g,mode=0700,uid=1000,gid=998" /> fstab=0 ssh=0
	greetd: (mount.c:305): mkmountpoint: checking /run
	greetd: (mount.c:305): mkmountpoint: checking /run/user
	greetd: (mount.c:345): mkdir[0] /run/user
	greetd: (mount.c:351): chown /run/user -> 1000:998
	greetd: (mount.c:305): mkmountpoint: checking /run/user/1000
	greetd: (mount.c:329): mkdir[1000] /run/user/1000
	greetd: (mount.c:660): Password will be sent to helper as-is.
	greetd: command: '/gnu/store/w62dxljn51hcrszyxjb1dffhbvrl8iqm-util-linux-2.37.4/bin/mount' '-onoexec,nosuid,nodev,size=1g,mode=0700,uid=1000,gid=998' '-ttmpfs' 'none' '/run/user/1000'

I could not find any obvious problem reading pam_mount.c, so I read the
pam_mount.conf file a little closer and found the issue:

	<volume sgrp="users" fstype="tmpfs" ...

Per pam_mount.conf(5), sgrp restricts pam_mount's activity to users in
the "users" group. So adding "users" to `greeter-supplementary-groups`
resolves the issue.

Sorry for being long-winded. I thought maybe including the steps I took
would help others stuck in similar issues troubleshoot. As far as fixing
this one, should we update the example in

https://guix.gnu.org/manual/en/html_node/Base-Services.html#index-greetd_002dwlgreet_002dsway_002dsession

or is it better to force a fix and modify pam_mount or make the
greetd-wlgreet-* sessions enforce some check on group membership?

Another thing, the /run/user created by pam_mount is owned by the
first session's user (greeter:greeter), while with pam_elogind it's owned
by root:root. It doesn't seem to cause a problem, but I just thought I'd
call that out.

David